Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Non-interactive zero-knowledge and its applications
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
SAC '99 Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography
Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Provably Secure Blind Signature Schemes
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Discrete Applied Mathematics
Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Security of Verifiably Encrypted Signatures and a Construction without Random Oracles
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Randomizable Proofs and Delegatable Anonymous Credentials
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Transferable Constant-Size Fair E-Cash
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Full-domain subgroup hiding and constant-size group signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
P-signatures and noninteractive anonymous credentials
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Structure-preserving signatures and commitments to group elements
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Cryptography against Continuous Memory Attacks
FOCS '10 Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science
Signatures on randomizable ciphertexts
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Round-optimal composable blind signatures in the common reference string model
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Achieving optimal anonymity in transferable e-cash with a judge
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Optimal structure-preserving signatures in asymmetric bilinear groups
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Anonymous credentials from (indexed) aggregate signatures
Proceedings of the 7th ACM workshop on Digital identity management
Separating short structure-preserving signatures from non-interactive assumptions
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Block-wise p-signatures and non-interactive anonymous credentials with efficient attributes
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Multi-show anonymous credentials with encrypted attributes in the standard model
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Malleable proof systems and applications
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Constant-Size structure-preserving signatures: generic constructions and simple assumptions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Computing on authenticated data: new privacy definitions and constructions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Succinct malleable NIZKs and an application to compact shuffles
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Protecting privacy by sanitizing personal data: a new approach to anonymous credentials
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Journal of Computer Security - Advances in Security for Communication Networks
Hi-index | 0.00 |
Verifiable encryption allows one to encrypt a signature while preserving its public verifiability. We introduce a new primitive called commuting signatures and verifiable encryption that extends this in multiple ways, such as enabling encryption of both signature and message while proving validity. More importantly, given a ciphertext, a signer can create a verifiably encrypted signature on the encrypted (unknown) message, which leads to the same result as first signing the message and then verifiably encrypting the message/signature pair; thus, signing and encrypting commute. Our instantiation is based on the recently introduced automorphic signatures and Groth-Sahai proofs, which we show to be homomorphic. We also prove a series of other properties and provide a novel approach to simulation. As an application, we give an instantiation of delegatable anonymous credentials, a primitive introduced by Belenkiy et al. Our construction is arguably simpler than theirs and it is the first to provide non-interactive (and thus concurrently secure) issuing and delegation protocols, which are significantly more efficient. Moreover, the size of our credentials and the cost of verification are less than half of those of the previous instantiation. All our constructions are proven secure in the standard model under known non-interactive assumptions.